Polycom VSX3000 behind CheckpointNGX
Netstudent
Member Posts: 1,693 ■■■□□□□□□□
in Off-Topic
We have Checkpoint NGX R65 software on a crossbeam platform. Anyways we cannot get these dang polycom units to setup a successfull call.
I can call out, then polycom can see the call incoming, then they can answer the call, but we get nothing. Just a black screen with no video and no voice.
HAs anyone here setup checkpoint for video conferencing? Anyone have any good documents or links.
At first glance it seems like a port problem, but we opened up everything and still could not negotiate a successful call.
I can call out, then polycom can see the call incoming, then they can answer the call, but we get nothing. Just a black screen with no video and no voice.
HAs anyone here setup checkpoint for video conferencing? Anyone have any good documents or links.
At first glance it seems like a port problem, but we opened up everything and still could not negotiate a successful call.
There is no place like 127.0.0.1 BUT 209.62.5.3 is my 127.0.0.1 away from 127.0.0.1!
Comments
-
binarysoul Member Posts: 993Have you tested the polycom in a non-firewall environment to ensure this isn't a problem with Polycom itself rather than with firewall? Have you ensured your Polycom configs, such as gatekeeper and etc are correct?
Do you see any packetse (dropped or otherwise) to and from Polycom's IP when you filter by Polycom's IP using Checkpoint "Tracker"?
So, I would look at polycom and firewall seprately than to try to fix the issue without first knowing where the cause is -
Netstudent Member Posts: 1,693 ■■■□□□□□□□Hey thanks for the input. We have tested in front of the firewall and it did work. I actually created a route-map for video traffic to go out another internet connection. This connection has a cluster of ASA 5520's which basically took 3 lines of config to get working. I hope we phase out checkpoint.There is no place like 127.0.0.1 BUT 209.62.5.3 is my 127.0.0.1 away from 127.0.0.1!
-
malcybood Member Posts: 900 ■■■□□□□□□□Netstudent wrote:We have Checkpoint NGX R65 software on a crossbeam platform. Anyways we cannot get these dang polycom units to setup a successfull call.
I can call out, then polycom can see the call incoming, then they can answer the call, but we get nothing. Just a black screen with no video and no voice.
HAs anyone here setup checkpoint for video conferencing? Anyone have any good documents or links.
At first glance it seems like a port problem, but we opened up everything and still could not negotiate a successful call.
I thought checkpoint had the capability to allow and perform deep packet inspection on h.323/sip packets as default although id say if you enabled all services to be allowed through checkpoint opening specific ports on the firewall is not the only factor to consider here.
from the info you've supplied it looks like you need to configure NAT traversal and firewall settings on the Polycom unit.
port numbers and setup instructions on page 2-13 - 2-16 of the following document (VSX3000 polycom unit);
http://www.polycom.com/common/documents/support/setup_maintenance/products/video/vsx_series_admin_guide_v8.7.pdf -
Netstudent Member Posts: 1,693 ■■■□□□□□□□Ya I configured all of that in the unit. I know that the most common cause of problems with H.323 and a firewall is NAT because of the way h323 embeds the source IP into the payload or data portion of the h323 packet. I tried a lot of different configuration options within checkpoint and the H323/IP settings within the unit. Finally I allowed everything through checkpoint and reconfigured the polycom's firewall options, still nothing. I can't spend anymore time on it so I worked around it. Thanks for the help.There is no place like 127.0.0.1 BUT 209.62.5.3 is my 127.0.0.1 away from 127.0.0.1!